检测点10.1
1000h
0
检测点10.2
6
注意压入栈的ip是call s的下一条内存地址也就是6
检测点10.3
mov ax,0
call far ptrs
inc ax
s:pop ax \\ax=8
add ax,ax \\ax=16=10h
pop bx \\bx=1000
add ax,bx \\ax=1010h
注意是16进制
检测点10.4
mov ax,6
call ax \\push 5 ip=6
inc ax
mov bp,sp \\[bp]=5
add ax,[bp] \\ax=11=0bh
检测点10.5
(1)
assume cs:code
stack segment
dw 8 dup(0)
stack ends
code segment
start:
mov ax,stack ;ax=stack
mov ss,ax ;ss=ax
mov sp,16 ;sp=16
mov ds,ax ;ds=ax
mov ax,0 ;ax=0
call word ptr ds:[0EH]
inc ax ;转跳,ax=1
inc ax ;ax=2
inc ax ;ax=3
mov ax,4c00h
int 21h
code ends
end start
(2)
assume cs:code
data segment
dw 8 dup(0)
data ends
code segment
start:
mov ax,data ;ax=data
mov ss,ax ;ss=ax
mov sp,16 ;sp=16
mov word ptr ss:[0],offset s ;ss:[0]=s的地址
mov ss:[2],cs ;ss:[2]=cs
call dword ptr ss:[0] ;call (cs):(s的地址)
nop ;ss:[0ch]=这条指令的地址
;ss:[0eh]=cs
s:
mov ax,offset s ;ax=s的地址
sub ax,ss:[0ch] ;ax=ax-ss:[0ch] = 1
mov bx,cs ;bx=cs
sub bx,ss:[0eh] ;bx=bx-cs=0
mov ax,4c00h
int 21h
code ends
end start
